Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

SEC discloses hack of Edgar

The U.S. Securities and Exchange Commission said Wednesday hackers broke into its electronic document storage system last year.

The hackers may have traded on information they found, the SEC said.

SEC chairman Jay Clayton issued a long statement Wednesday about the SEC’s cybersecurity.

He said the hack exploited a software weakness in Edgar — the Electronic Data Gathering, Analysis and Retrieval system.

The agency patched the vulnerability and is still investigating the source of the hack.

SEC flings by public companies and regulated financial firms and advisers are held by Edgar.

Clayton said the SEC discovered the hack in 2016. It detected possible illegal trading related to the hack in August this year.

In addition to outside hackers, Clayton said the SEC is vulnerable to unauthorized access by its own personnel and by vendors.

The SEC “employs an agency-wide cybersecurity detection, protection and prevention program for the protection of agency operations and assets,” Clayton said. 

The program includes cybersecurity protocols and controls, network protections, system monitoring and detection processes, vendor risk management processes, and regular cybersecurity and privacy training for employees, according to Clayton. 

“[W]e expect to hire additional expertise in this area,” Clayton said in his statement.

SEC filings are eventually made public through the searchable Edgar system.

It isn’t clear how the hackers exploited Edgar. They may have used early access to company filings to trade on non-public information.


Richard L. Cassin is the publisher and editor of the FCPA Blog.

Share this post


Comments are closed for this article!